Unrated severityNVD Advisory· Published Oct 22, 2021· Updated Aug 4, 2024
CVE-2020-28955
CVE-2020-28955
Description
SugarCRM v6.5.18 was discovered to contain a cross-site scripting (XSS) vulnerability in the Create Employee module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the First Name or Last Name input fields.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- SugarCRM/SugarCRMdescription
Patches
Vulnerability mechanics
References
1- www.vulnerability-lab.com/get_content.phpmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.